Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (85 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2013-6461 3 Debian, Nokogiri, Redhat 7 Debian Linux, Nokogiri, Cloudforms Management Engine and 4 more 2024-11-21 6.5 Medium
Nokogiri gem 1.5.x and 1.6.x has DoS while parsing XML entities by failing to apply limits
CVE-2013-6460 3 Debian, Nokogiri, Redhat 7 Debian Linux, Nokogiri, Cloudforms Management Engine and 4 more 2024-11-21 6.5 Medium
Nokogiri gem 1.5.x has Denial of Service via infinite loop when parsing XML documents
CVE-2013-4335 1 Openpne 1 Opopensocialplugin 2024-11-21 9.8 Critical
opOpenSocialPlugin 0.8.2.1, > 0.9.9.2, 0.9.13, 1.2.6: Multiple XML External Entity Injection Vulnerabilities
CVE-2012-6685 2 Nokogiri, Redhat 9 Nokogiri, Cloudforms Management Engine, Cloudforms Managementengine and 6 more 2024-11-21 7.5 High
Nokogiri before 1.5.4 is vulnerable to XXE attacks
CVE-2012-3340 1 Ibm 1 Infosphere Guardium 2024-11-21 4.3 Medium
IBM InfoSphere Guardium 8.0, 8.01, and 8.2 is vulnerable to XML external entity injection, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to obtain sensitive information. IBM X-Force ID: 78291.